package com.alibaba.cloud.authorization.controller;

import org.springframework.security.oauth2.provider.AuthorizationRequest;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.SessionAttributes;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;
import java.util.Map;
import java.util.Set;

@Controller
@SessionAttributes({"authorizationRequest"})
public class AuthorizationController {

    @RequestMapping("/confirm_access")
    public ModelAndView oauthUserApproval(Map<String, Object> model, HttpServletRequest request) {

        AuthorizationRequest authorizationRequest = (AuthorizationRequest) model.get("authorizationRequest");
        if (authorizationRequest == null) {
            // 尝试从session中获取
            authorizationRequest = (AuthorizationRequest) request.getSession().getAttribute("authorizationRequest");
        }
        // 授权页面信息
        String clientId = authorizationRequest.getClientId();
        String redirectUri = authorizationRequest.getRedirectUri();
        Set<String> scope = authorizationRequest.getScope();
        ModelAndView modelAndView = new ModelAndView();
        modelAndView.setViewName("authorization");
        modelAndView.addObject("clientId", clientId);
        modelAndView.addObject("redirectUri", redirectUri);
        modelAndView.addObject("scope", scope);
        return modelAndView;
    }
}

